Bugs item #3042645, was opened at 2010-08-10 11:34
Message generated for change (Tracker Item Submitted) made by mitchchapman
You can respond by visiting: 
https://sourceforge.net/tracker/?func=detail&atid=428740&aid=3042645&group_id=40728

Category: File Translation
Group: 2.2.x
Status: Open
Resolution: None
Priority: 5
Private: No
Submitted By: Mitch Chapman (mitchchapman)
Assigned to: Nobody/Anonymous (nobody)
Summary: chiral smiles may cause memory corruption

Initial Comment:
This problem arose with OpenBabel 2.2.3 on Ubuntu 10.04.  When presented with a 
chiral SMILES whose chiral center is bonded to more than four neighbors, 
src/formats/smilesformat.cpp may overrun memory.  A patch is attached.

I'm not a chemist, so please pardon my lack of clarity :)

I encountered the problem while using babel to convert a proprietary SMILES in 
which a chiral center was bonded to more than four other atoms.  Here is a 
non-proprietary sample SMILES which helps demonstrate the problem:
[N@@]1234([C@@]9([...@h]1[c@H]3[C@@H]4[C@@H]29))

If this is saved to a file named problem.smi, and if babel is run under 
valgrind to convert the smiles to another format, valgrind will detect the 
memory overrun:
$ valgrind babel -i smi problem.smi -o sdf problem.sdf
(See below for full valgrind output.)

The attached patch for src/formats/smilesformat.cpp addresses the problem by 
resizing (ChiralSearch->second)->refs as needed.

{{{
$ valgrind babel -i smi problem.smi -o sdf problem.sdf
==4287== Memcheck, a memory error detector
==4287== Copyright (C) 2002-2009, and GNU GPL'd, by Julian Seward et al.
==4287== Using Valgrind-3.6.0.SVN-Debian and LibVEX; rerun with -h for copyright info
==4287== Command: babel -i smi problem.smi -o sdf problem.sdf
==4287== 
==4287== Invalid write of size 4
==4287==    at 0xC061A37: OpenBabel::OBSmilesParser::ParseComplex(OpenBabel::OBMol&) (smilesformat.cpp:2398)
==4287==    by 0xC069DFA: OpenBabel::OBSmilesParser::ParseSmiles(OpenBabel::OBMol&) (smilesformat.cpp:988)
==4287==    by 0xC06A3AB: OpenBabel::OBSmilesParser::SmiToMol(OpenBabel::OBMol&, std::string const&) (smilesformat.cpp:938)
==4287==    by 0xC06AD27: OpenBabel::SMIBaseFormat::ReadMolecule(OpenBabel::OBBase*, OpenBabel::OBConversion*) (smilesformat.cpp:890)
==4287==    by 0x4F0C864: OpenBabel::OBMoleculeFormat::ReadChemObjectImpl(OpenBabel::OBConversion*, OpenBabel::OBFormat*) (obmolecformat.cpp:93)
==4287==    by 0x4EF5E67: OpenBabel::OBConversion::Convert() (obconversion.cpp:481)
==4287==    by 0x4EF650E: OpenBabel::OBConversion::Convert(std::istream*, std::ostream*) (obconversion.cpp:420)
==4287==    by 0x4EFBDB8: OpenBabel::OBConversion::FullConvert(std::vector<std::string, std::allocator<std::string> >&, std::string&, std::vector<std::string, std::allocator<std::string> >&) (obconversion.cpp:1321)
==4287==    by 0x4040DE: main (babel.cpp:340)
==4287==  Address 0x6250060 is 0 bytes after a block of size 16 alloc'd
==4287==    at 0x4C28CC1: operator new(unsigned long) (vg_replace_malloc.c:261)
==4287==    by 0x4E89E36: std::vector<unsigned int, std::allocator<unsigned int> >::operator=(std::vector<unsigned int, std::allocator<unsigned int> > const&) (new_allocator.h:89)
==4287==    by 0xC06047E: OpenBabel::OBSmilesParser::ParseComplex(OpenBabel::OBMol&) (smilesformat.cpp:2276)
==4287==    by 0xC069DFA: OpenBabel::OBSmilesParser::ParseSmiles(OpenBabel::OBMol&) (smilesformat.cpp:988)
==4287==    by 0xC06A3AB: OpenBabel::OBSmilesParser::SmiToMol(OpenBabel::OBMol&, std::string const&) (smilesformat.cpp:938)
==4287==    by 0xC06AD27: OpenBabel::SMIBaseFormat::ReadMolecule(OpenBabel::OBBase*, OpenBabel::OBConversion*) (smilesformat.cpp:890)
==4287==    by 0x4F0C864: OpenBabel::OBMoleculeFormat::ReadChemObjectImpl(OpenBabel::OBConversion*, OpenBabel::OBFormat*) (obmolecformat.cpp:93)
==4287==    by 0x4EF5E67: OpenBabel::OBConversion::Convert() (obconversion.cpp:481)
==4287==    by 0x4EF650E: OpenBabel::OBConversion::Convert(std::istream*, std::ostream*) (obconversion.cpp:420)
==4287==    by 0x4EFBDB8: OpenBabel::OBConversion::FullConvert(std::vector<std::string, std::allocator<std::string> >&, std::string&, std::vector<std::string, std::allocator<std::string> >&) (obconversion.cpp:1321)
==4287==    by 0x4040DE: main (babel.cpp:340)
==4287== 
}}}

----------------------------------------------------------------------
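
Added example (not part of the original report and not OpenBabel source): the valgrind trace shows a 4-byte write landing 0 bytes after a 16-byte `std::vector<unsigned int>` block, which is what an unchecked write to slot 4 of a four-element vector produces. The sketch below shows that pattern beside a store that grows the vector first, as the report says the patch does. `ChiralRecord`, `kNoRef` and all function names are hypothetical; only the member name `refs` comes from the report.

```cpp
#include <cstddef>
#include <vector>

// Hypothetical stand-in for the parser's per-centre chirality record.
// Only the member name `refs` comes from the report; the rest is assumed.
static const unsigned int kNoRef = ~0u;

struct ChiralRecord {
    std::vector<unsigned int> refs;
    ChiralRecord() : refs(4, kNoRef) {}   // four slots: the 16-byte block in the trace
};

// Pattern the report describes: operator[] does no bounds check, so
// slot >= refs.size() writes past the heap block (undefined behaviour).
inline void store_unchecked(ChiralRecord& rec, std::size_t slot, unsigned int id) {
    rec.refs[slot] = id;
}

// How far past the end of the allocation a write to `slot` would start;
// -1 when the slot is inside the vector.
inline long bytes_past_block(const ChiralRecord& rec, std::size_t slot) {
    if (slot < rec.refs.size()) return -1;
    return static_cast<long>((slot - rec.refs.size()) * sizeof(unsigned int));
}

// Fix in the spirit of the report: grow refs before writing.
inline void store_resizing(ChiralRecord& rec, std::size_t slot, unsigned int id) {
    if (slot >= rec.refs.size()) rec.refs.resize(slot + 1, kNoRef);
    rec.refs[slot] = id;
}

// Record every neighbour of one centre with the resizing store and
// return the final number of slots.
inline std::size_t record_neighbours(ChiralRecord& rec,
                                     const std::vector<unsigned int>& ids) {
    for (std::size_t i = 0; i < ids.size(); ++i) store_resizing(rec, i, ids[i]);
    return rec.refs.size();
}

int main() {
    ChiralRecord rec;
    const unsigned int raw[] = {2, 3, 4, 5, 6};   // constructed: five neighbours
    std::vector<unsigned int> ids(raw, raw + 5);
    return record_neighbours(rec, ids) == 5 ? 0 : 1;
}
```
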

_______________________________________________
OpenBabel-Devel mailing list
OpenBabel-Devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openbabel-devel
